ELINT / Signals Intelligence


  • #16
    Thanks, that's great stuff. I like that comms have to be established; it's a 10-level common task, but Murphy can always intervene.

    Expanding on the operator tasks idea, I'd offer a few additions:

    Troubleshooting: anything from splicing a break in wire to field repair of an antenna. EASY for something like tracing commo wire or finding a loose ground strap; AVG for a splice or retiming a net with a freq hop master; DIFFICULT for a field expedient repair to a vehicle or manpack antenna or diagnosing a bad power amp; IMPOSSIBLE for diagnosing circuit issues without a test set, etc.

    Communications field craft: antenna savvy, radio positioning, battery conservation, etc. EASY for preserving batteries in extreme cold/hot/wet environments (one-time roll) or avoiding EMP effects; AVG for constructing field expedient antennas (jungle 292 type) or for customizing radio equipment (wire antenna woven through MOLLE links instead of using a whip to keep a low profile; tie 550 cord to an OE-254 head and throw it over a tree rather than use poles, etc.), cutting an antenna for AM radio, or establishing a retrans network; DIFFICULT for constructing a directional FEA (vertical half rhomboid) or siting an antenna to minimize intercept/DF probability; IMPOSSIBLE for cannibalizing components for field expedient repair of internals, etc.


    Just a few thoughts.



    • #17
      Originally posted by Desert Mariner:
      Generating the keys is a different story and would best be covered by a Computer (LINUX) skill.
      That's true; I have no idea how hopsets/locksets are generated except that they are done at G2 COMSEC and disseminated by radio. (I do know how to disseminate a set -- another no skill skill.)

      It seems that if you could intercept one of those disseminations you'd be a long way towards breaking into an enemy net.
      I'm guided by the beauty of our weapons...First We Take Manhattan, Jennifer Warnes

      Entirely too much T2K stuff here: www.pmulcahy.com



      • #18
        I can help a little, pardon the tech speak and my not dealing with this stuff in detail since the 90s!

        For US units, keymat originates at NSA. They have executive responsibility for COMSEC in the US.

        The SINCGARS (single channel ground air radio system) was becoming the default FM radio system for US ground forces, replacing the older PRC/VRC series radios and associated KY-57 COMSEC modules with a single unitized radio. The new radio was designed to operate in frequency hop/cipher text mode using time-based hopsets and keymat-based crypto. It was interoperable with other radios by selectively disabling either freq hop (usually), crypto (rarely), or both (single channel plain text). There was a USAF version of SINCGARS, but to my knowledge it didn't field until the 2000s.

        In the '90s encrypted keymat was distributed by secure courier, where it was uploaded into a key management system computer, decrypted, and prepared for loading into master AN/CYZ-10s (ANCDs). The master ANCD was then couriered to the user unit and used to fill the remainder of the unit's ANCDs, which filled SINCGARS, VINSON, etc. ANCDs were down to the company and even platoon level in some units, but never went forward of the assembly area. This would likely be the system in effect during the early phases of the Twilight War for most force package one units.

        Before the transition to digital key management, keymat was generated on magnetic storage media (hard disks or magnetic tape), which was couriered to theater-level signal units where it was produced on punched paper tape. Once there the punched tape was fed into a KOI-18 tape reader and used to fill either ANCDs (at the end of this method) or the older KYK-13 fill device. As with the ANCDs, these were then couriered and used to fill the unit's equipment. This would still be common in many units, and could be adopted by FP1 units when their commercial spec KMS computers succumbed to combat. Unlike the ANCD, KYK-13s didn't include time, so that would have to be manually loaded. KYK-13s were commonly used to fill VHF radios in army aviation units even after the ANCD came into use, since HAVE QUICK utilized a different freq hop technology than SINCGARS.

        The ANCD was a common fill device that could hold both hopsets and encryption keys as well as fill a number of different devices. In addition the ANCD could be loaded with information for multiple units, challenge/password data, and SOI data.

        Both the SINCGARS and HAVE QUICK systems allow for Over The Air Rekey (OTAR- loading a new crypto key) and ECCM Remote Fill (ERF- loading a new hopset). This is an alternative to manual courier, but as Paul said it's less secure. That said, you'd have to have the MAN frequency, a compatible radio, and be in range. Maybe a surviving NSA reconstitutes at Buckley ANGB, CO and begins disseminating keymat by courier and OTAR to high priority units or operations and SOI for everybody else.

        With non freq hop radios, the COMSEC process is similar, using either a KYK-13 or OTAR to fill the VINSON. Units using freq hop radios must operate in single channel mode when working with non freq hop units. An example is a SINCGARS equipped US unit working with a Clansman (non FH) equipped UK unit. This was also the case when a SINCGARS equipped unit was working with dismounted forces using the PRC-126 squad/team radio, which did not FH: a SINCGARS somewhere in the remainder of the formation had to be in SC mode to talk to the 126s, or the dismounts carried an FH SINCGARS to talk FH back to the vehicles. Still better than the Motorola Saber, which had its own encryption and didn't talk to anything else. All that changed when the MBITR started to appear in the late '90s, but they'd be hen's teeth in T2K and probably confined to SMUs.

        Anecdotally, most OTAR and ERF is done within small units in locations like assembly areas where the radios SHOULD be in low power. Sometimes there's a little yelling and choice words involved, especially when dealing with loading time!
        Last edited by Homer; 09-26-2022, 04:38 AM.



        • #19
          Originally posted by swaghauler:
          The initial systems used 4-bit, 6-bit, and 8-bit (the most common in the Cold War era) representations for each LETTER in the LINK system. This meant that a 100-letter phrase would need 800 characters to be decrypted and placed in a proper order to read that phrase. Modern systems now use 128-bit encryption PER LETTER!
          This is not quite accurate. A bit means "binary digit". Each bit can represent two states, on or off (1 or 0). A 100-letter phrase encoded as bytes (8 bits per byte) will weigh in at 800 bits, not characters.

          Encryption like SAVILLE uses is what's called a stream cipher. With a stream cipher, a key is fed into an algorithm to generate what's called a "key stream". Every bit of input data is combined with a bit of the key stream, usually with an exclusive-OR operation, to get an enciphered bit. A key stream essentially looks like random noise (at least it should look like noise), and so long as you feed the same key into that algorithm, if you feed in the enciphered bit you'll get the plaintext bit back out.

          The size of the key is really describing the periodicity of the key stream. If the key was small, say only 8 bits, you could easily generate all the key streams from every possible key since there are only 256. Assuming your encryption algorithm doesn't have some other mathematical, process, or equipment weakness, your key size increases the difficulty of someone trying every possible key. At 128 bits there are more possible keys than atoms in the universe IIRC. So it's not every letter being encoded with 128 bits but some pseudorandom, extremely long pattern generated by the 128-bit key.

          Originally posted by swaghauler:
          Thus you will need a computer and special software that can do MILLIONS of operations per second to decrypt Digital Encryption. Therefore this is an IMPOSSIBLE Task to perform.
          If a message is digitally encrypted I would put the difficulty as literally impossible. Unless there's some sort of key a character can get ahold of there's no practical way to crack the encryption. For military gear that means having the encrypted signals and having an intact key loading device and the appropriate encryption equipment. Without all that you'd need a billion years to find the encryption key.

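The stream-cipher mechanics and the key-size argument in the post above, as an added example that is not part of the original thread. The keystream generator is a deliberately small xorshift PRNG seeded from the key: a toy stand-in for a real generator such as SAVILLE, chosen only to show the mechanics, and not secure. The seed multiplier, the sample message and the trial rate of 10^15 keys/second are my own assumptions. It shows XOR encryption and decryption with the same key, a known-plaintext exhaustive search that finishes instantly for an 8-bit key, and the expected search time for larger keys.

```python
"""Toy stream cipher, exhaustive key search and key-size arithmetic.

Added example for this thread. The keystream generator is a 64-bit xorshift
PRNG seeded from the key: a stand-in for a real generator such as SAVILLE,
chosen only to show the mechanics. It is NOT cryptographically secure.
"""

MASK64 = (1 << 64) - 1
SEED_MULT = 0x9E3779B97F4A7C15  # assumed spreading constant, not from the page


def keystream(key: int):
    """Yield keystream bytes forever from a xorshift64 state seeded by `key`.

    The state is forced odd so no key lands on xorshift's all-zero fixed point.
    """
    state = ((key * SEED_MULT) & MASK64) | 1
    while True:
        state ^= (state << 13) & MASK64
        state ^= state >> 7
        state ^= (state << 17) & MASK64
        yield state & 0xFF


def xor_stream(data: bytes, key: int) -> bytes:
    """Encrypt or decrypt: XOR each data byte with the next keystream byte.

    The same call with the same key undoes itself, which is what the post
    means by feeding the enciphered bit back in and getting plaintext out.
    """
    return bytes(b ^ k for b, k in zip(data, keystream(key)))


def brute_force(ciphertext: bytes, crib: bytes, key_bits: int):
    """Known-plaintext exhaustive search over every `key_bits`-bit key.

    Returns the first key whose decryption of the ciphertext starts with
    `crib` (a plaintext fragment the attacker knows, e.g. a fixed message
    header), or None. Worst case is 2**key_bits trial decryptions.
    """
    n = len(crib)
    for candidate in range(1 << key_bits):
        if xor_stream(ciphertext[:n], candidate) == crib:
            return candidate
    return None


def brute_force_years(key_bits: int, keys_per_second: float) -> float:
    """Expected time to find a key by exhaustive search, in years.

    On average half the keyspace is searched before the right key turns up,
    so the expectation is 2**(key_bits-1) trials at the given rate.
    """
    seconds = 2 ** (key_bits - 1) / keys_per_second
    return seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # Constructed sample traffic; the key is 8 bits so the search is instant.
    key = 0xA5
    plaintext = b"FLASH FLASH contact grid 1234, three BRDM moving south"
    ciphertext = xor_stream(plaintext, key)

    assert xor_stream(ciphertext, key) == plaintext        # same key decrypts
    found = brute_force(ciphertext, b"FLASH FLASH ", 8)    # crib = known header
    print(f"8-bit key recovered by exhaustive search: {found:#04x}")

    # Same attack against a 120-bit key at an assumed 10**15 trials/second.
    print(f"120-bit key at 1e15 keys/s: {brute_force_years(120, 1e15):.2e} years")
```

The 8-bit search succeeds after at most 256 trial decryptions; the same function against 120 bits would need 2^119 on average, which at 10^15 trials per second is on the order of 10^13 years. Nothing in the search depends on the generator being xorshift, only on the keyspace size.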


          • #20
            Originally posted by bash:
            This is not quite accurate. A bit means "binary digit". Each bit can represent two states, on or off (1 or 0). A 100-letter phrase encoded as bytes (8 bits per byte) will weigh in at 800 bits, not characters.

            Encryption like SAVILLE uses is what's called a stream cipher. With a stream cipher, a key is fed into an algorithm to generate what's called a "key stream". Every bit of input data is combined with a bit of the key stream, usually with an exclusive-OR operation, to get an enciphered bit. A key stream essentially looks like random noise (at least it should look like noise), and so long as you feed the same key into that algorithm, if you feed in the enciphered bit you'll get the plaintext bit back out.

            The size of the key is really describing the periodicity of the key stream. If the key was small, say only 8 bits, you could easily generate all the key streams from every possible key since there are only 256. Assuming your encryption algorithm doesn't have some other mathematical, process, or equipment weakness, your key size increases the difficulty of someone trying every possible key. At 128 bits there are more possible keys than atoms in the universe IIRC. So it's not every letter being encoded with 128 bits but some pseudorandom, extremely long pattern generated by the 128-bit key.

            If a message is digitally encrypted I would put the difficulty as literally impossible. Unless there's some sort of key a character can get ahold of there's no practical way to crack the encryption. For military gear that means having the encrypted signals and having an intact key loading device and the appropriate encryption equipment. Without all that you'd need a billion years to find the encryption key.
            You undoubtedly have more experience than I do, so I'll take your word for it.

            I too require PCs to have a powerful computer with specialized decryption software to have an IMPOSSIBLE chance to break digital encryption. I note that in my previous post.



            • #21
              Originally posted by swaghauler:
              You undoubtedly have more experience than I do, so I'll take your word for it.

              I too require PCs to have a powerful computer with specialized decryption software to have an IMPOSSIBLE chance to break digital encryption. I note that in my previous post.
              I meant literally impossible, as in can't accomplish, rather than simply Impossible skill check difficulty.



              • #22
                Originally posted by bash:
                A meant literally impossible as in can't accomplish rather than simply Impossible skill check difficulty.
                I have difficulty believing that. One thing we've all learned in the modern computing age is that anything can be hacked.



                • #23
                  Originally posted by pmulcahy11b:
                  I have difficulty believing that. One thing we've all learned in the modern computing age is that anything can be hacked.
                  Hacked is a highly qualified statement. There are lots of components of communication systems that can be "hacked". Some parts are much easier than others; the encryption systems tend to sit more on the computationally infeasible end of the spectrum. Most successful hacks are more on the user side of a system, like brute force guessing poorly generated/reused encryption keys.

                  So I'm definitely not saying systems are unhackable, it's just that the PCs aren't going to be able to "hack" encrypted comms with a pre-TDM laptop they might have with them. Even if they were hauling around a supercomputer they couldn't expect to brute force any military encryption.

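The "user side" weakness in the post above, reused keys, as an added example that is not from the thread. Reusing a stream-cipher key means reusing the keystream, and XORing two ciphertexts made with the same keystream cancels it entirely, leaving the XOR of the two plaintexts; a known fragment of one message (a crib) then reads out the matching bytes of the other, and from those the keystream bytes themselves. The keystream and both messages below are constructed for the demonstration; the attack never needs the cipher that produced the keystream.

```python
"""Keystream reuse ('two-time pad') and crib dragging.

Added example for this thread. KEYSTREAM is a constructed byte string standing
in for whatever a stream cipher produced under one key; the attack needs only
two ciphertexts made with the same keystream, not the cipher itself.
"""
import string

PRINTABLE = set(string.printable.encode())

# Constructed keystream: any fixed bytes will do, the point is that it is used twice.
KEYSTREAM = bytes((i * 73 + 19) & 0xFF for i in range(64))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(plaintext: bytes, keystream: bytes = KEYSTREAM) -> bytes:
    """Stream-cipher encryption: plaintext XOR keystream (decryption is identical)."""
    if len(plaintext) > len(keystream):
        raise ValueError("keystream too short for message")
    return xor_bytes(plaintext, keystream)


def crib_drag(c1: bytes, c2: bytes, crib: bytes):
    """Slide a known plaintext fragment `crib` across c1 XOR c2.

    Because c1 ^ c2 == p1 ^ p2 (the shared keystream cancels), at the offset
    where `crib` really occurs in p1 the value (p1 ^ p2) ^ crib is a readable
    fragment of p2. Returns (offset, fragment) pairs whose fragment is
    entirely printable; the analyst picks the one that reads like language.
    """
    diff = xor_bytes(c1, c2)
    hits = []
    for off in range(len(diff) - len(crib) + 1):
        frag = xor_bytes(diff[off:off + len(crib)], crib)
        if all(b in PRINTABLE for b in frag):
            hits.append((off, frag))
    return hits


def recover_keystream(ciphertext: bytes, known_plaintext: bytes, offset: int) -> bytes:
    """Once any plaintext bytes are known, the keystream bytes at that offset
    fall out directly and decrypt every other message made with them."""
    return xor_bytes(ciphertext[offset:offset + len(known_plaintext)], known_plaintext)


if __name__ == "__main__":
    # Two constructed messages sent under the same key (hence the same keystream).
    m1 = b"CONTACT grid 1234 three BRDM moving south"
    m2 = b"RETRANS up at 0600, move to RP 2 on order"
    c1, c2 = encrypt(m1), encrypt(m2)

    # The attacker knows contact reports on this net open with "CONTACT ".
    for off, frag in crib_drag(c1, c2, b"CONTACT "):
        print(f"offset {off:2d}: {frag!r}")
    ks = recover_keystream(c1, b"CONTACT ", 0)
    assert ks == KEYSTREAM[:8]
    print("recovered keystream prefix:", ks.hex())
```

No key search happens at all: the key size is irrelevant once the keystream is used twice, which is why key management (fresh keys per period, no reuse across nets) rather than the algorithm is where fielded systems usually fail.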


                  • #24
                    I think comms using reprogrammable encryption are going to be infrequent almost three years post-TDM. It'd be easier to produce a paper SOI that gets couriered out and changed on a schedule than go to That's essentially an encryption guide or code book (brevity codes) similar to JN25 or Admiralty Code. With time, an SOI or code can be compromised, mainly due to induced human error or capture. The countermeasure to that is introducing a new edition frequently. Couriers could see more use, with light aircraft and the remaining helicopters falling back into a liaison and courier role.

                    That will be another challenge for PCs as they re-enter friendly lines without current challenge/password or recognition signals, or counter "friendlies" with different signals. There's adventure seeds to capture an SOI or codebook, interdict a courier, or protect the same. High priority missions may see PCs issued with encrypted comms gear and COMSEC equipment (ANCD, KYK, etc).



                    • #25
                      Originally posted by bash:
                      Hacked is a highly qualified statement. There are lots of components of communication systems that can be "hacked". Some parts are much easier than others; the encryption systems tend to sit more on the computationally infeasible end of the spectrum. Most successful hacks are more on the user side of a system, like brute force guessing poorly generated/reused encryption keys.

                      So I'm definitely not saying systems are unhackable, it's just that the PCs aren't going to be able to "hack" encrypted comms with a pre-TDM laptop they might have with them. Even if they were hauling around a supercomputer they couldn't expect to brute force any military encryption.
                      Some examples of the use of brute force, from the RSA Labs encryption challenges, using distributed networks, not a stand-alone machine.

                      56-bit cracked in 250 days by 16,738 total participants
                      64-bit cracked in 1757 days (4.8 years) by 327,856 participants
                      72-bit remains uncracked after 7,241 days (19.8 years) and 143,497 participants (projected time remaining 27,828 days (76+ years))

                      To me, the question isn't "Can you crack the encryption?" but "Is it worth doing so?" In the case of the above 72-bit key, even if you manage to crack it, does a single decrypt (or even a whole day's worth of decrypts) provide any usable intelligence decades after the fact?



                      • #26
                        For a more modern setting, two pieces of SIGINT gear I love to implement: the WiFi Pineapple and the Dope Scope. They balance each other out because the WiFi Pineapple is mostly intended for infiltrating networks (it can also be used as a WiFi extender), and the Dope Scope is built to find anything emitting WiFi signals. Granted, your range may vary; most of the time I just put both at 50 m and then adjust based on terrain.

                        Of course, even without purpose-built systems, with access to cheap SDRs, beer cans, and duct tape you can put together some surprisingly effective radio direction finding equipment. Might not be ideal for cracking crypto, but you can do surprising things with very little.
                        the best course of action when all is against you is to slow down and think critically about the situation. this way you are not blindly rushing into an ambush and your mind is doing something useful rather than getting you killed.



                        • #27
                          Originally posted by Homer:
                          That's essentially an encryption guide or code book (brevity codes) similar to JN25 or Admiralty Code.
                          Speaking of brevity codes:

                          ZBM2



                          • #28
                            Originally posted by spartan-117:
                            speaking of brevity codes:

                            Zbm2

                            zbk1!



                            • #29
                              Originally posted by Homer:
                              zbk1!
                              Ah, Z and Q codes. Brings back fond memories of hitting the books at NCS WTC long years ago. I have not missed using them though.



                              • #30
                                Originally posted by Desert Mariner:
                                Some examples of the use of brute force, from the RSA Labs encryption challenges, using distributed networks, not a stand-alone machine.

                                56-bit cracked in 250 days by 16,738 total participants
                                64-bit cracked in 1757 days (4.8 years) by 327,856 participants
                                72-bit remains uncracked after 7,241 days (19.8 years) and 143,497 participants (projected time remaining 27,828 days (76+ years))

                                To me, the question isn't "Can you crack the encryption?" but "Is it worth doing so?" In the case of the above 72-bit key, even if you manage to crack it, does a single decrypt (or even a whole day's worth of decrypts) provide any usable intelligence decades after the fact?
                                Note that the SAVILLE system uses a 120-bit key. It would take trillions of years to brute force a single key even if you could build a system that tried a quadrillion keys per second. So the time taken to recover a single key with a brute force search (even with mathematical principles like the Birthday Paradox) is directly related to a functionality of decryption. If a single key takes a trillion years to recover, the practicality of the system is effectively zero.
